CISA details twin attacks on federal servers via unpatched ColdFusion flaw

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. The vulnerability, tracked as CVE-2023-26360, was disclosed in March and was shortly after added to CISA’s known exploited vulnerability (KEV) catalog, setting an April 5 deadline for agencies to fix the issue.

Source: The Register

 

Date:

Categorie(s):

Tag(s):

, , ,